[gnutls-devel] [PATCH] asn1random.pl: generate simple tags only
matvejchikov at gmail.com
Wed Mar 4 09:44:34 CET 2015
2015-03-04 11:33 GMT+03:00 Nikos Mavrogiannopoulos <nmav at gnutls.org>:
> On Wed, Mar 4, 2015 at 9:24 AM, Matvejchikov Ilya
> <matvejchikov at gmail.com> wrote:
>> 2015-03-04 10:51 GMT+03:00 Nikos Mavrogiannopoulos <nmav at gnutls.org>:
>>> On Wed, Mar 4, 2015 at 1:35 AM, Matvejchikov Ilya
>>> <matvejchikov at gmail.com> wrote:
>>>> Please, review the patch
>>> Thanks Ilya. It looks reasonable, but could you elaborate why this is
>>> needed? Wouldn't it make sense to have these tags as well?
>> This patch fixes the problem. But it would be nice to have theese tags
>> correctly encoded too.
> I think the idea of these scripts is to test incorrectly encoded tags
> as well, so if you strive to correctly encode them, you may defeat its
> purpose. It would make sense however, to have them generate reasonable
> structures that don't get rejected immediately. However, I'm not sure
> I understood which problem you notice there, and what you're try to
Not sure as x509random.pl has the explicit option that allows to
inject encoding errors. But asn1random.pl doesn't. So, in my opinion
asn1random.pl intended to generate valid ASN/DER blobs with correct
structure. But tags >= 31 encoded incorrectly (according to X.690-0207
-- 22.214.171.124) and parsers (dumpasn1, openssl/asn1parse) fails with
>> Do you know who is the maintainer of asn1random.pl / x509random.pl scripts?
> They were originally written to test an ASN.1 parser in the Linux
> kernel. Not sure if there are still used for that. You may contact the
> author if you like.
Added in the CC.
More information about the Gnutls-devel